Trusted Reviews may earn an affiliate commission when you purchase through links on our site. Learn More

Pokemon Go players targeted by Trojan app

A Guide to Pokemon Go, with half a million downloads, has turned out to be a malicious app, research has found.

The app was posing as a guide to the hugely popular Pokemon Go game, a report on Kapersky blog explains.

The app is known as a Trojan and is used by cyber criminals to steal confidential details from devices.

By using several layers of obfuscation, the malicious app was able to go undetected by Google Play’s malware detection mechanisms.

Once rooted in a device it is capable of downloading unwanted files and stealing information from users.

Watch: Pokemon Go tips and tricks

Related: Latest Pokemon Go update explained

The app is programmed to lie dormant and determine whether the device is real or an emulated machine.

Once the malware determines that the device is real, it starts sending the user’s information to criminals.

The app can gain access to the root file on Android handsets and tablets through vulnerabilities discovered in Android devices between 2012 and 2015. This, in theory, can grant it complete control over the device.

Google did release patches to fix these vulnerabilities but it is unlikely all Android devices have them in use.
Of course, 500,000 downloads does not mean 500,000 infections. However, Kapersky researchers found 6,000 successful infections across Russia and Asia.

What’s more, the malware was intended to target English speaking users, making Europe a likely target.

Watch: Is Pokemon Go a massive waste of time?

Do you know anyone who has been targeted by the malicious app? Let us know in the comments below.

Unlike other sites, we thoroughly review everything we recommend, using industry standard tests to evaluate products. We’ll always tell you what we find. We may get a commission if you buy via our price links. Tell us what you think – email the Editor